Subscription to the full report on a daily basis can be obtained:
Send an email to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body: subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an email to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

· Eleven people were sent to an area hospital after a gas leak from a pressurized tank in a backyard that prompted the closure of Abraham Lincoln High School in Riverside, California, October 27. – Riverside Press-Enterprise

20. October 27, Riverside Press-Enterprise – (California) Riverside: Gas leak sends 11 to hospital; quarantine lifted. Eleven people were sent to an area hospital for observation following a gas leak from a pressurized tank in a backyard that prompted the closure of Abraham Lincoln High School in Riverside October 27, as well as the temporary quarantine of several blocks surrounding the tank. The containment order was lifted after authorities removed the source of the gas and sealed the leak which was caused by a corroded valve. Source: http://www.pe.com/articles/gas-752847-school-unknown.html

· FireEye reported on an advanced persistent threat (APT) actor dubbed APT28 stating that the group used the Sourface downloader and Chopstick and EvilToss malware to attack governments and national and international organizations. – The Register. See item 23 below in the Information Technology Sector

· Researchers reported on an advanced persistent threat (APT) group that has used the Hikit malware family to target government agencies, law enforcement, aerospace, manufacturers, media, communications, pharmaceutical, energy, educational, and other institutions in the U.S. and several other countries since 2008. – Softpedia. See item 26 below in the Information Technology Sector

· Satellite data for the National Weather Service was restored October 23 after the agency experienced an outage that lasted for more than a day after the agency first stopped receiving weather data from a network of satellites. – Fierce Government IT. See item 28 below in the Communications Sector

For another story, see item 7 below from the Transportation Systems Sector

7. October 27, Securityweek – (Delaware; New Jersey) Attackers breach PoS systems of Delaware Ferry service. Officials from the Delaware River and Bay Authority announced October 24 that the payment card data of customers who made purchases at Cape May-Lewes Ferry terminals and vessels in Delaware and New Jersey may have been compromised due to a possible data breach detected July 30. Customers who purchased food, beverages, and retail items between September 30, 2013 and August 7, 2014 may be affected. Source: http://www.securityweek.com/attackers-breach-pos-systems-delaware-ferry-service

Information Technology Sector

23. October 28, The Register – (International) EvilToss and Sourface hacker crew
‘likely’ backed by Kremlin - FireEye. FireEye released a report on an
advanced persistent threat (APT) actor dubbed APT28 stating that the group used
the Sourface downloader and Chopstick and EvilToss malware to attack NATO,
Eastern European governments, European defense industry events, the World Bank,
and other national and international organizations. The researchers stated that
APT28 has been active since 2007 and was likely backed by the Russian
government. Source: http://www.theregister.co.uk/2014/10/28/us_mandiant_claims_moscow_sponsoring_apt_28_hacker_group/

24. October 28, Securityweek – (International) Attackers exploit ShellShock via SMTP
to distribute malware. Binary Defense Systems researchers reported that
attackers are leveraging the ShellShock vulnerability in GNU Bash to target
servers by adding the ShellShock payload to email subject, from, and to fields,
abusing the Simple Mail Transfer Protocol (SMTP). If a system is compromised, a
Perl-based IRC bot is downloaded and the SMTP gateway is added to a botnet
designed for distributed denial of service (DDoS) attacks. Source: http://www.securityweek.com/attackers-exploit-shellshock-smtp-distribute-malware

25. October 28, IDG News Service – (International) ‘ScanBox’ keylogger targets Uyghurs,
US think tank, hospitality industry. Researchers at PricewaterhouseCoopers
found that the ScanBox keylogging framework may be in use by several
attacker groups after it was found performing keylogging attacks on
a variety of Web sites, including a U.S. think tank and other sites. ScanBox
was first discovered in August and uses JavaScript rather than installing
malware to collect keystrokes and other information. Source: http://www.networkworld.com/article/2839600/security/scanbox-keylogger-targets-uyghurs-us-think-tank-hospitality-industry.html

26. October 28, Softpedia – (International) Sophisticated Chinese espionage group
after Western advanced technology. A group of security and information
technology companies coordinated by Novetta released a report into an advanced
persistent threat (APT) group dubbed Axiom Group that has used the Hikit
malware family and other tools to target government agencies, law enforcement,
aerospace, manufacturers, media, communications, pharmaceutical, energy,
educational, and other institutions in the U.S. and several other countries
since 2008. The researchers stated that the group originates in China and
appears to choose targets in line with Chinese government policies. Source: http://news.softpedia.com/news/Sophisticated-Chinese-Espionage-Group-After-Western-Advanced-Technology-463348.shtml

27. October 27, Securityweek – (International) Targeted attacks against businesses
jump: Kaspersky Lab. Kaspersky Lab and B2B International released the
results of a survey covering 3,900 respondents in 27 countries and found that
94 percent of businesses surveyed reported at least one cybersecurity incident
in the past 12 months, with 12 percent of the countries surveyed reporting one
or more targeted attacks, among other findings. Source: http://www.securityweek.com/targeted-attacks-against-businesses-jump-kaspersky-lab

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", pen name R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"